EP2683112B1 - Secure message transmission - Google Patents

Secure message transmission Download PDF

Info

Publication number
EP2683112B1
EP2683112B1 EP12174736.4A EP12174736A EP2683112B1 EP 2683112 B1 EP2683112 B1 EP 2683112B1 EP 12174736 A EP12174736 A EP 12174736A EP 2683112 B1 EP2683112 B1 EP 2683112B1
Authority
EP
European Patent Office
Prior art keywords
message
block
authentication
communication network
signature
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
EP12174736.4A
Other languages
German (de)
English (en)
French (fr)
Other versions
EP2683112A1 (en
Inventor
Hubert Kirrmann
Cagri Önal
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hitachi Energy Ltd
Original Assignee
ABB Research Ltd Switzerland
ABB Research Ltd Sweden
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Family has litigation
First worldwide family litigation filed litigation Critical https://patents.darts-ip.com/?family=48669895&utm_source=google_patent&utm_medium=platform_link&utm_campaign=public_patent_search&patent=EP2683112(B1) "Global patent litigation dataset” by Darts-ip is licensed under a Creative Commons Attribution 4.0 International License.
Application filed by ABB Research Ltd Switzerland, ABB Research Ltd Sweden filed Critical ABB Research Ltd Switzerland
Priority to EP12174736.4A priority Critical patent/EP2683112B1/en
Priority to PCT/EP2013/062027 priority patent/WO2014005805A1/en
Priority to CN201380035899.4A priority patent/CN104471893B/zh
Publication of EP2683112A1 publication Critical patent/EP2683112A1/en
Priority to US14/585,746 priority patent/US20150121084A1/en
Application granted granted Critical
Publication of EP2683112B1 publication Critical patent/EP2683112B1/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Definitions

  • the invention relates to the field of securing messages within a communication network of an industrial process control system, in particular of a substation automation system. Specifically, the present invention relates to a method of and a system for securing messages.
  • securing messages is of great importance for accurate and safe operation. Different levels of security are necessary depending on a potential threat to the network. In the case of malicious messages being a threat to the network, a method of message authentication may be sufficient to protect the network. In the case of eavesdropping being a threat, a more complex method such as message encryption may be needed to protect the network. Further objectives may be prevention of playback and spoofing, as well as intrusion detection.
  • a sender For authentication, a sender generates, based on the message contents, a signature known in the art as message authentication code (MAC), appends the MAC to the message and finally sends the message via the network. Specifically, the sender generates the signature from an authentication algorithm and a receiver can authenticate the sender by checking the signature.
  • the authentication algorithm may be asymmetrical or symmetrical, the latter including e.g. hashed message authentication code (HMAC), Galois field MAC (GMAC) and secure cipher block chaining MAC (XCBCMAC).
  • HMAC hashed message authentication code
  • GMAC Galois field MAC
  • XCBCMAC secure cipher block chaining MAC
  • Conventional implementations of the algorithms for authentication require the message to be entirely received before generating the signature authentication, which results in large processing overhead. Accordingly, state of the art authentication causes significant delays for transmitting and forwarding of messages within the communication network. As a result although enhanced security is needed authentication is not applied as of time constraints for transmitting messages.
  • the security scheme to be used is described in IEC 62351.
  • the different security objectives include authentication of data transfer through digital signatures, ensuring authenticated access, prevention of eavesdropping, prevention of playback and spoofing, and intrusion detection.
  • the high overhead to security features may prevent the network from fulfilling its real-time constraints. For instance, in the case of hash and sign paradigm for digital signature creation, asymmetrical algorithms are much more time consuming than symmetrical algorithms and tend to violate the real time requirements of substation automation systems. Thus, asymmetrical encryption algorithms are rarely used, in particular in the case of substation automation.
  • transmitting and forwarding of a message within the communication network is delayed by performing an integrity check operation.
  • the integrity check allows uncovering accidental or malicious modifications to the message by generating a checksum.
  • a checksum is computed from a block of the message for detecting errors that may have been introduced during transmission or storage.
  • the integrity of the data can be checked at any time thereafter by re-generating the checksum and comparing it with the checksum of the message received.
  • Patent document EP-1 615 370 A1 discloses a method for authenticating short messages. For each message, a message authentication code (MAC) is derived, wherein the MAC not only depends on the message itself, but also on the MAC of the previous message. That way, not only the integrity of the messages can be guaranteed, but also the order wherein the messages were sent.
  • MAC message authentication code
  • Patent document US 5,671,283 discloses similar teachings, wherein each MAC is not only a function of the present packet, but also a function of all the previous packets.
  • a plain text multi-block message including characters arranged in blocks of a single size is to be transmitted between devices over a communication network of an industrial process control system, in particular of a substation automation system, or to be forwarded to upper layers of a communication stack of a device of such system.
  • the multi-block message is to be secured by way of a block-based authentication code processing the blocks of the message in a serial manner, wherein authentication information of a non-initial block of the message is generated based on authentication information of a previous block that was processed earlier.
  • the previous block can already be further processed in particular already be transmitted or forwarded respectively while authentication information of the next block is generated.
  • This enables on-the-fly authentication of the multi-block message and authentication at an increased rate of more than 1Gbit/s. This allows further to use simplified devices for securing messages and reduces the computation costs.
  • authentication information of a final block specifically of the last block of the message to be processed includes a summary of the authentication information of each block of the multi-block message and may be considered a message authentication signature for the entire multi-block message. Subsequently, such signature is appended to the message preferably to the final block of the message. From the summary the authentication information of each block can be checked after the message is received by another communication network device or further layers of the same device.
  • the block-wise authentication information and finally the authentication signature is re-generated after receiving the message.
  • the original authentication signature of the received message is cross checked with the re-generated signature. For matching signatures, the received message is considered secure and authenticated.
  • a preferred variant of the invention is the use within precision time protocols (PTP) such as IEEE 1588 for precise time distribution and clock synchronization in electrical substations, wherein the use of a chained MAC (CMAC) as authentication is particularly advantageous.
  • PTP precision time protocols
  • CMAC chained MAC
  • HSR IEC 62439-3
  • the multi-block message to be secured is to be checked for integrity after being received by a communication network device.
  • the integrity check is introduced for the purpose of detecting accidental errors that may have occurred during transmission or storage of the message. Some integrity check operations may be based on special algorithms that not only detect errors but also allow the original data to be recovered in certain cases.
  • the integrity check operation is block based, wherein the blocks may be different from the blocks used for authentication.
  • the algorithm for the integrity check can be optimized with respect to size of the used blocks particularly by number of characters or certain bits of the message.
  • an integrity check value is generated for a block of the message based on a specific residue of a previous block. Similar to the operation of authentication, this enables an on-the-fly integrity check of the multi-block message and an integrity check at an increased speed. Finally, a checksum is generated from the integrity check value of each block of the message and appended to a final block. The integrity of an incoming message can be checked by re-generating the integrity check value and ultimately the checksum and by subsequent comparison of the received and re-generated checksum. In case of matching checksums, the integrity of the incoming message is verified.
  • the multi-block message is encrypted for enhanced confidentiality and further security.
  • Standards and cryptographic software as well as hardware to perform encryption are widely available, but successfully using encryption to ensure security is challenging.
  • encryption is carried out on-the-fly and concurrent with, or in parallel to, authentication and the integrity check operation.
  • a block based algorithm is used for encryption, wherein a single shared block cipher may even be used both to encrypt and to calculate an authentication signature.
  • authentication information of a block may be advantageous to generate the authentication information of a block before or after encryption of said block depending on the algorithms used for each operation, e.g. when using the same block size for authentication and encryption; authentication may also be carried out after encryption of the message blocks.
  • intermediate authentication signature values can be obtained from the manipulation of the encrypted input data blocks (or vice versa).
  • the present invention also relates to a communication network system of an industrial process control system, in particular of a substation automation system comprising a communication network device adapted to securing a multi-block message.
  • the communication network device is adapted to separate the message in sorted blocks and apply a block-based security code.
  • the block authentication information for a block of the message is generated based on residue of the block and based on block authentication information of a previous block while transmitting the previous block of the message.
  • Each block of the message is encrypted while an encrypted previous block is transmitted.
  • a message authentication signature is generated based on the block authentication information of a final block of the message, and ultimately the authentication signature is appended to the final block of the message or a received authentication signature appended to the message is verified.
  • the message is transmitted or forwarded respectively while some of the content is still processed in form of generating authentication, generating the checksum or encrypting the message.
  • time delay for processing of the message is reduced to a minimum, thus, enabling on-the-fly security for the communication network at a high transmitting rate at low computation costs.
  • Fig.1 shows schematically securing of a multi-block message 100 using a communication network device 3.
  • the device 3 is comprised of a message input 1 and a message output 2, a distributor 4, two signature compilers 5, 6, an authentication operator 8, and an integrity check operator 9.
  • the multi-block message 100 is comprised of a preamble block 101, content blocks 102, 103, 104, 105, 106, 107 and a final block 109 containing an integrity checksum.
  • the message 100 is first received by the network device 3 via the input 1, wherein the message is separated and sorted by blocks 102, 103, 104, 105, 106, 107.
  • the final block 109 containing the integrity checksum is removed by the message input 1.
  • the distributor 4 is forwarding the blocks 102, 103, 104, 105, 106, 107 one by one to the authentication operator 8 and the integrity check operator 9, wherein the blocks 102, 103, 104, 105, 106, 107 can be different in size for the authentication operator 8 and the integrity check operator 9.
  • the block size can be optimized to fit the respective algorithm for authentication and generation of the integrity checksum.
  • the operator 8 receives and processes the message block by block, wherein after an authentication information is generated for one block 102, 103, 104, 105, 106, 107 by a block processor 81 the next block 102, 103, 104, 105, 106, 107 is received from the distributor 4.
  • a post processor 82 transmits the authentication information to a shuffling unit 83 in case this is required by the authentication algorithm, wherein the shuffling unit 83 computes an authentication signature from the authentication information.
  • residue or characters needed to calculate the authentication information of the next block 102, 103, 104, 105, 106, 107 is temporarily stored in a storage unit 84 to be redirected to the block processor 81.
  • the shuffling unit 83 sends the generated authentication signature 208, 508 to a compiler 5, where the signature 208, 508 is appended to the final block 107 of the message 100.
  • the blocks 102, 103, 104, 105, 106, 107 are forwarded to the message output 2 of the network device 3, where the blocks 102, 103, 104, 105, 106, 107 are transmitted on-the-fly to a further network communication device.
  • an integrity checksum 209 is generated by an integrity check operator 91 in parallel to authentication, where the procedure is equivalent to the generation of the authentication information 502, 503, 504, and a signature 208, 508 apart from an integrity information and a checksum to be generated for each block 102, 103, 104, 105, 106, 107.
  • a shuffling unit 93 forwards the integrity checksum to a compiler 6, which appends the integrity checksum 209 to the authentication signature 208, 508 of the message 100.
  • the authentication signature 208, 508 may be included in the generation of the integrity checksum 209, where the authentication operator 81 exchanges the necessary information such as the authentication signature 208, 508 with the integrity check operator 91 or vice versa.
  • the outgoing message 200 is transmitted on-the-fly and comprises general content blocks 201, 202, 203, 204, 205, 206, 207, the authentication signature block 208 and the integrity checksum 209.
  • Fig. 2 shows schematically the process of securing a multi-block message 100 by authentication.
  • a header 101 or preamble of the message is used as preparation information 501 to form the header of the outgoing message 200.
  • authentication information 502, 503, 504 is generated and stored temporarily.
  • the authentication signature 508 is then generated from the stored authentication information 502, 503, 504.
  • the preamble 201 and each block 202, 203, 204, 207 is transmitted on-the-fly while the authentication signature 508 is generated.
  • the authentication signature 208 and the generated integrity checksum 209 are appended to the final block 207 of the message 200.
  • Fig. 3 shows schematically the process of securing the multi-block message 100 by encryption and authentication.
  • the process is carried out as described in Fig. 2 aside from the blocks 102, 103, 104, 105, 106, 107 of the message 100 being encrypted before the authentication information 502, 503, 504 is generated.
  • encrypted blocks 401, 402, 403, 404, 407 are generated from the original blocks 101, 102, 103, 104, 107.
  • the authentication information 502, 503, 504 is generated for each encrypted block 401, 402, 403, 404, 407.
  • the authentication signature 208, 508 and the in parallel generated integrity checksum 209 are appended to the final block 207 of the message 200.
  • the message 100 to be secured can be of indefinite length.
  • a time delay for sending a message 200 is only introduced for processing the final block 207. Previous blocks 202, 203, 204 are already sent while the next block 202, 203, 204 is secured, thus not causing any time delay.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Remote Monitoring And Control Of Power-Distribution Networks (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
EP12174736.4A 2012-07-03 2012-07-03 Secure message transmission Active EP2683112B1 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
EP12174736.4A EP2683112B1 (en) 2012-07-03 2012-07-03 Secure message transmission
PCT/EP2013/062027 WO2014005805A1 (en) 2012-07-03 2013-06-11 Secure message transmission
CN201380035899.4A CN104471893B (zh) 2012-07-03 2013-06-11 安全消息传送
US14/585,746 US20150121084A1 (en) 2012-07-03 2014-12-30 Secure message transmission

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP12174736.4A EP2683112B1 (en) 2012-07-03 2012-07-03 Secure message transmission

Publications (2)

Publication Number Publication Date
EP2683112A1 EP2683112A1 (en) 2014-01-08
EP2683112B1 true EP2683112B1 (en) 2017-09-27

Family

ID=48669895

Family Applications (1)

Application Number Title Priority Date Filing Date
EP12174736.4A Active EP2683112B1 (en) 2012-07-03 2012-07-03 Secure message transmission

Country Status (4)

Country Link
US (1) US20150121084A1 (zh)
EP (1) EP2683112B1 (zh)
CN (1) CN104471893B (zh)
WO (1) WO2014005805A1 (zh)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102012206272A1 (de) * 2012-04-17 2013-10-17 Beckhoff Automation Gmbh Feldbus-Datenübertragung

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5671283A (en) 1995-06-08 1997-09-23 Wave Systems Corp. Secure communication system with cross linked cryptographic codes
US5796836A (en) 1995-04-17 1998-08-18 Secure Computing Corporation Scalable key agile cryptography
US20030041242A1 (en) 2001-05-11 2003-02-27 Sarver Patel Message authentication system and method
EP1615370A1 (en) 2004-07-05 2006-01-11 Abb Research Ltd. Authentication of short messages
US7200226B2 (en) 2003-09-04 2007-04-03 Intel Corporation Cipher block chaining decryption
DE102010042539A1 (de) 2010-10-15 2012-04-19 Infineon Technologies Ag Datensender mit einer sicheren, aber effizienten Signatur

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6697943B1 (en) * 1999-12-17 2004-02-24 Cisco Technology, Inc. Use of cyclic redundancy checking for segregating control traffic
US6948067B2 (en) * 2002-07-24 2005-09-20 Qualcomm, Inc. Efficient encryption and authentication for data processing systems
US8656167B2 (en) * 2008-02-22 2014-02-18 Security First Corp. Systems and methods for secure workgroup management and communication
US8132073B1 (en) * 2009-06-30 2012-03-06 Emc Corporation Distributed storage system with enhanced security

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5796836A (en) 1995-04-17 1998-08-18 Secure Computing Corporation Scalable key agile cryptography
US5671283A (en) 1995-06-08 1997-09-23 Wave Systems Corp. Secure communication system with cross linked cryptographic codes
US20030041242A1 (en) 2001-05-11 2003-02-27 Sarver Patel Message authentication system and method
US7200226B2 (en) 2003-09-04 2007-04-03 Intel Corporation Cipher block chaining decryption
EP1615370A1 (en) 2004-07-05 2006-01-11 Abb Research Ltd. Authentication of short messages
DE102010042539A1 (de) 2010-10-15 2012-04-19 Infineon Technologies Ag Datensender mit einer sicheren, aber effizienten Signatur

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
A. A. ADEKUNLE ET AL.: "A Resourceful Combined Block Cipher Mode of Operation for Packetised Network Communication", 2010 FOURTH INTERNATIONAL CONFERENCE ON NEXT GENERATION MOBILE APPLICATIONS, SERVICES AND TECHNOLOGIES, 2010, pages 180 - 185, XP031739629
DACFEY DZUNG ET AL.: "Security for Industrial Communication Systems", PROCEEDINGS OF THE IEEE, vol. 93, no. 6, June 2005 (2005-06-01), pages 1152 - 1177, XP011133109
MILES SMID ET AL.: "Message Authentication Code (MAC) Validation System: Requirements and Procedures", COMPUTER SCIENCE AND TECHNOLOGY - NBS SPECIAL PUBLICATION 500-156, May 1988 (1988-05-01), XP055495883

Also Published As

Publication number Publication date
CN104471893B (zh) 2018-12-14
CN104471893A (zh) 2015-03-25
EP2683112A1 (en) 2014-01-08
US20150121084A1 (en) 2015-04-30
WO2014005805A1 (en) 2014-01-09

Similar Documents

Publication Publication Date Title
Albrecht et al. Lucky microseconds: A timing attack on amazon’s s2n implementation of TLS
US8520839B2 (en) Data transmitter with a secure and efficient signature
CN109428867B (zh) 一种报文加解密方法、网路设备及系统
CN111211888B (zh) 数据发送方法、数据接收方法、发送端及接收端
US20230096233A1 (en) Chosen-plaintext secure cryptosystem and authentication
KR101608815B1 (ko) 폐쇄형 네트워크에서 암복호화 서비스 제공 시스템 및 방법
CN102664740B (zh) 一种基于远程授权的招投标文件加解密方法
US11552781B2 (en) Using error detection bits for cryptographic integrity and authentication
CN113811874A (zh) 加密数据验证方法
CN114844728B (zh) 序列化数据安全通信方法及大数据平台
CN113726725A (zh) 一种数据加解密方法、装置、电子设备及存储介质
CN108141353B (zh) 密码算法升级的方法及设备
Agarwal et al. Authenticating cryptography over network in data
EP2683112B1 (en) Secure message transmission
CN107534552B (zh) 在服务器设备、客户端设备处执行的方法及服务器设备
WO2022237440A1 (en) Authenticated encryption apparatus with initialization-vector misuse resistance and method therefor
CN118369888A (zh) 用于链路加密的自动密钥滚动
Zuo et al. A novel software-defined network packet security tunnel forwarding mechanism
CN110795754B (zh) 一种基于fpga的维护信息安全方法
Hayden et al. Multi-channel security through data fragmentation
CN115549987B (zh) 一种基于数据安全隐私保护的混合加密方法
US11177933B2 (en) Side channel timing attack mitigation in securing data in transit
CN118368096A (zh) 数据验证方法、设备、存储介质及计算机程序产品
CN118138275A (zh) 远程直接内存访问方法、装置、设备及存储介质
CN115801331A (zh) 通讯信息的加密方法、装置、系统及存储介质

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

17P Request for examination filed

Effective date: 20140704

RBV Designated contracting states (corrected)

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: GRANT OF PATENT IS INTENDED

INTG Intention to grant announced

Effective date: 20170418

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE PATENT HAS BEEN GRANTED

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

REG Reference to a national code

Ref country code: GB

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: CH

Ref legal event code: EP

REG Reference to a national code

Ref country code: AT

Ref legal event code: REF

Ref document number: 932925

Country of ref document: AT

Kind code of ref document: T

Effective date: 20171015

REG Reference to a national code

Ref country code: IE

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: DE

Ref legal event code: R096

Ref document number: 602012037725

Country of ref document: DE

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

Ref country code: HR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

Ref country code: FI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

Ref country code: NO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20171227

Ref country code: SE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

REG Reference to a national code

Ref country code: NL

Ref legal event code: MP

Effective date: 20170927

REG Reference to a national code

Ref country code: LT

Ref legal event code: MG4D

REG Reference to a national code

Ref country code: AT

Ref legal event code: MK05

Ref document number: 932925

Country of ref document: AT

Kind code of ref document: T

Effective date: 20170927

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: BG

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20171227

Ref country code: GR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20171228

Ref country code: LV

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

Ref country code: RS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: NL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: CZ

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

Ref country code: RO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

Ref country code: ES

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SM

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

Ref country code: IT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

Ref country code: AT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

Ref country code: IS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20180127

Ref country code: SK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

Ref country code: EE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

REG Reference to a national code

Ref country code: DE

Ref legal event code: R026

Ref document number: 602012037725

Country of ref document: DE

PLAZ Examination of admissibility of opposition: despatch of communication + time limit

Free format text: ORIGINAL CODE: EPIDOSNOPE2

PLBI Opposition filed

Free format text: ORIGINAL CODE: 0009260

PLAQ Examination of admissibility of opposition: information related to despatch of communication + time limit deleted

Free format text: ORIGINAL CODE: EPIDOSDOPE2

PLAX Notice of opposition and request to file observation + time limit sent

Free format text: ORIGINAL CODE: EPIDOSNOBS2

26 Opposition filed

Opponent name: SIEMENS AKTIENGESELLSCHAFT

Effective date: 20180606

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 7

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: DK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: PL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

PLBB Reply of patent proprietor to notice(s) of opposition received

Free format text: ORIGINAL CODE: EPIDOSNOBS3

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

REG Reference to a national code

Ref country code: CH

Ref legal event code: PL

GBPC Gb: european patent ceased through non-payment of renewal fee

Effective date: 20180703

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LU

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20180703

Ref country code: MC

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

REG Reference to a national code

Ref country code: BE

Ref legal event code: MM

Effective date: 20180731

REG Reference to a national code

Ref country code: IE

Ref legal event code: MM4A

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: GB

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20180703

Ref country code: CH

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20180731

Ref country code: LI

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20180731

Ref country code: IE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20180703

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: BE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20180731

RAP2 Party data changed (patent owner data changed or rights of a patent transferred)

Owner name: ABB SCHWEIZ AG

REG Reference to a national code

Ref country code: DE

Ref legal event code: R081

Ref document number: 602012037725

Country of ref document: DE

Owner name: HITACHI ENERGY SWITZERLAND AG, CH

Free format text: FORMER OWNER: ABB RESEARCH LTD., ZUERICH, CH

Ref country code: DE

Ref legal event code: R082

Ref document number: 602012037725

Country of ref document: DE

Representative=s name: ZIMMERMANN & PARTNER PATENTANWAELTE MBB, DE

Ref country code: DE

Ref legal event code: R081

Ref document number: 602012037725

Country of ref document: DE

Owner name: ABB SCHWEIZ AG, CH

Free format text: FORMER OWNER: ABB RESEARCH LTD., ZUERICH, CH

Ref country code: DE

Ref legal event code: R081

Ref document number: 602012037725

Country of ref document: DE

Owner name: ABB POWER GRIDS SWITZERLAND AG, CH

Free format text: FORMER OWNER: ABB RESEARCH LTD., ZUERICH, CH

Ref country code: DE

Ref legal event code: R082

Ref document number: 602012037725

Country of ref document: DE

Representative=s name: DENNEMEYER & ASSOCIATES S.A., DE

PLCK Communication despatched that opposition was rejected

Free format text: ORIGINAL CODE: EPIDOSNREJ1

REG Reference to a national code

Ref country code: DE

Ref legal event code: R100

Ref document number: 602012037725

Country of ref document: DE

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: MT

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20180703

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: TR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: HU

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT; INVALID AB INITIO

Effective date: 20120703

Ref country code: PT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: MK

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20170927

Ref country code: CY

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

PLBN Opposition rejected

Free format text: ORIGINAL CODE: 0009273

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: OPPOSITION REJECTED

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: AL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170927

RAP2 Party data changed (patent owner data changed or rights of a patent transferred)

Owner name: ABB POWER GRIDS SWITZERLAND AG

27O Opposition rejected

Effective date: 20200125

REG Reference to a national code

Ref country code: DE

Ref legal event code: R081

Ref document number: 602012037725

Country of ref document: DE

Owner name: HITACHI ENERGY SWITZERLAND AG, CH

Free format text: FORMER OWNER: ABB SCHWEIZ AG, BADEN, CH

Ref country code: DE

Ref legal event code: R081

Ref document number: 602012037725

Country of ref document: DE

Owner name: HITACHI ENERGY LTD, CH

Free format text: FORMER OWNER: ABB SCHWEIZ AG, BADEN, CH

Ref country code: DE

Ref legal event code: R082

Ref document number: 602012037725

Country of ref document: DE

Representative=s name: DENNEMEYER & ASSOCIATES S.A., DE

Ref country code: DE

Ref legal event code: R081

Ref document number: 602012037725

Country of ref document: DE

Owner name: ABB POWER GRIDS SWITZERLAND AG, CH

Free format text: FORMER OWNER: ABB SCHWEIZ AG, BADEN, CH

REG Reference to a national code

Ref country code: DE

Ref legal event code: R081

Ref document number: 602012037725

Country of ref document: DE

Owner name: HITACHI ENERGY SWITZERLAND AG, CH

Free format text: FORMER OWNER: ABB POWER GRIDS SWITZERLAND AG, BADEN, CH

Ref country code: DE

Ref legal event code: R081

Ref document number: 602012037725

Country of ref document: DE

Owner name: HITACHI ENERGY LTD, CH

Free format text: FORMER OWNER: ABB POWER GRIDS SWITZERLAND AG, BADEN, CH

P01 Opt-out of the competence of the unified patent court (upc) registered

Effective date: 20230527

REG Reference to a national code

Ref country code: DE

Ref legal event code: R082

Ref document number: 602012037725

Country of ref document: DE

Representative=s name: DENNEMEYER & ASSOCIATES S.A., DE

Ref country code: DE

Ref legal event code: R081

Ref document number: 602012037725

Country of ref document: DE

Owner name: HITACHI ENERGY LTD, CH

Free format text: FORMER OWNER: HITACHI ENERGY SWITZERLAND AG, BADEN, CH

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: DE

Payment date: 20240719

Year of fee payment: 13

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: FR

Payment date: 20240730

Year of fee payment: 13